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DETAILED ACTION 



Response to Arguments 



1 . Applicant's arguments filed 04/1 8/2003 have been fully considered but they are not 
persuasive. Please see the following reasons and the new grounds of rejection below. 

2. Applicant argues "Amendments were made. . .with each other" (page 1 1 paragraph 1 -2). 
The argument is not persuasive because the definition of "meta-information" is vague. The 
Hansen reference teaches a system that generates configuration information based on map 
information that is the same for all devices (column 12, lines 35-55; column 5, lines 45-55). This 
is meta-level information. 

3. Applicant argues "Sidey, the primary. . .in the claims" (page 1 1 , paragraph 3 - page 12, 
paragraph 2). The argument is not persuasive because the examiner in a previous office action 
also noted all deficiencies noted by the applicant. This was the reason for the combination as 
shown in the previous office action. Due to applicant's amendments, the basis of rejection for 
some claims has changed, however, the Sidey reference is still used for the confirmation of 
consistency in network configuration information. 

4. Applicant further argues "The Examiner recognizing. . .in the claims" (page 12, paragraph 
3 - page 13, paragraph 2). The argument is not persuasive because the Hansen reference does 
teach the use of information (meta-level information) that is common for all devices to generate 

a new configuration file (column 12, lines 35-55; column 5, lines 45-55). The map information 
is used for determining the applicability of configuration files. The map files that are used are 
common for the network and ensure the common operation of the network devices. 

5. All further arguments are not persuasive for all the reasons shown above. 
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Claim Rejections - 35 USC § 103 



6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which the subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 1, 2, 5, and 6 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Hansen (USPN 5,838,907) in view of Sidey (USPN 5,954,797). 

8. Regarding claim 1 , Hansen (USPN 5,838,907) teaches a network management system 
comprising a plurality of network devices operating in a coordinated manner and a management 
server managing the plurality of network devices with means for: 

a. Means for generating a plurality of pieces of setup information based on pre- 



defined meta-level information to be used for the plurality of network devices 
on which settings are to be made, the plurality of pieces of setup information 
being generated to maintain consistency in operation of the plurality of 
network devices (column 5, lines 45-55). Note that certain information (such 
as protocol) is common to all devices and can be referred to as meta- 
information. 

b. Wherein the meta-level information is information to be used as a source for 
generating setup information according to a pre-defined policy for operating 
the network devices in a coordinated manner (column 5, lines 45-50). 
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Although the system disclosed by Hansen (USPN 5,838,907) shows substantial features 
of the claimed invention, it fails to disclose means for confirming consistency of the setup 
information set up in the plurality of network devices. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Hansen (USPN 5,838,907), as evidenced by Sidey 
(USPN 5,954,797). 

In an analogous art, Sidey (USPN 5,954,797) discloses a network management system 
with means for confirming consistency of the setup information set up in the plurality of network 
devices (column 9, lines 34-38). 

Given the teaching of Sidey (USPN 5,954,797), a person having ordinary skill in the art 
would have readily recognized the desirability and advantages of modifying Hansen (USPN 
5,838,907) by employing the use of a comparison to verify generated configuration information. 
This benefits the system by ensuring that all the current configuration information on the system 
is up to date and that configuration changes will be acceptable. 

9. Regarding claim 2, Hansen (USPN 5,838,907) teaches all the limitations as applied to 
claim 1. He further teaches means for: 

a. Collecting setup information for each of the network devices (column 6, lines 
8-11). 

b. Generating meta-level information to be checked based on the collected setup 
information (column 5, lines 13-20). 

c. Checking the meta-level information to be checked with pre-defined meta- 
level information (column 5, lines 49-55). Note that each file must have the 
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same information available (meta-information). Available files are checked 
for each entry. 

10. Regarding claim 5, Hansen teaches all the limitations as applied to claim 1 . Hansen 
(USPN 5,838,907) further teach means wherein: 

a. The network device is a server (figure lb). The network device could be any 
device on a network including a server. All devices could be servers. 

Although the system disclosed by Hansen (as applied to claim 1) shows substantial 
features of the claimed invention, it fails to disclose including setup information that includes an 
access privilege of the server. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Hansen. 

A person having ordinary skill in the art would have readily recognized the desirability 
and advantages of modifying Sidey and Hansen by employing the inclusion of access policy for 
a managed server. Servers are just another network element to be managed, and security is 
probably the most important aspect of server management. This would be a natural addition of 
setup information that would be a necessity for all servers to be confirmed for consistency and 
automatically configured. 

1 1 . Regarding claim 6, Hansen (USPN 5,838,907) teaches all the limitations as applied to 
claim 1 . He further teaches means wherein 

a. Each of the network devices is a computer executing a network application 
periodically exchanging data (column 6, lines 30-37). 
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b. Each of the plurality of pieces of setup information includes setup information 
related to the network application (column 6, lines 30-37). Note that the 
application is sending configuration files. 

12. Claims 10, 1 1, 14, and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Sidey (USPN 5,954,797) in view of Hansen (USPN 5,838,907). 

13. Regarding claim 10, Sidey teaches a network management system having a plurality of 
network devices operating in a coordinated manner and a management server managing the 
plurality of network devices, the network management server comprising means for: 

a. Distributing a plurality of pieces of setup information to each of the network 
devices (column 9, lines 49-60). 

b. Wherein each of the plurality of setup information is for each of the plurality 
of network devices operating in a coordinated manner respectively and has no 
inconsistencies with each other as to operating of the network devices in a 
coordinated manner (column 9, lines 34-38, 49-60). Note that in the 
reference, the setup of network elements is assessed for consistency and any 
discrepancies are reported or "fixed" automatically. 

Although the system disclosed by Sidey shows substantial features of the claimed 
invention, it fails to disclose means for: 

a. Generating a plurality of pieces of setup information based on predefined 
meta-level information that is referred to for causing the plurality of network 
devices to operate in a coordinated manner. 
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b. Wherein the meta-level information is information to be used as a source for 



generating setup information according to a predefined policy for operating 



the network devices in a coordinated manner. 



Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey, as evidenced by Hansen. 

In an analogous art, Hansen discloses a configuration management system for remote 
monitoring and configuration of network elements with a management server comprising means 



a. Generating a plurality of pieces of setup information based on predefined 
meta-level information that is referred to for causing the plurality of network 
devices to operate in a coordinated manner (column 5, lines 23-27). 

b. Wherein the meta-level information is information to be used as a source for 
generating setup information according to a predefined policy for operating 
the network devices in a coordinated manner (column 5, lines 15-22, 45-55) 

Given the teaching of Hansen, a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey by employing the 
generation of setup information for network elements using common meta-level informatioOn as 
a basis. The system of Sidey receives and compares current configuration information to ensure 
system consistency. It is a logical extension of this to then generate configuration information 
for the client and re-configure it and to use certain information that is the same for all devices. 
This benefits the system by relieving the need for additional work by a system administrator and 
decreases possible down time. 



for: 
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14. Regarding claim 1 1, Sidey teaches all the limitations as applied to claim 10. He further 
teaches means for: 

a. Collecting setup information for each of the plurality of network devices 
(column 9, lines 21-26). 

b. Checking the meta-level information to be checked with the predefined meta- 
level information (column 9, lines 34-38). 

Although the system disclosed by Sidey shows substantial features of the claimed 
invention, it fails to disclose means for: 

a. Generating meta-level information to be checked based on the collected setup 
information. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey, as evidenced by Hansen. 

In an analogous art, Hansen discloses a configuration management system for remote 
monitoring and configuration of network elements with a management server comprising means 
for: 

a. Generating meta-level information to be checked based on the collected setup 
information (column 5, lines 23-27, 45-55). Note that in the reference, 
configuration information is generated in order to maintain consistency of 
network device configuration. This is the type of information that would be 
checked. 

Given the teaching of Hansen, a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey by employing the 
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generation of setup information for network elements. The system of Sidey receives and 
compares current configuration information to ensure system consistency. It is a logical 
extension of this to then generate configuration information for the client and re-configure it. 
This benefits the system by relieving the need for additional work by a system administrator and 
decreases possible down time. 

15. Regarding claim 14, Sidey and Hansen teach all the limitations as applied to claim 10. 
Sidey further teaches means wherein: 

a. Each of the network devices is a server (column 4, lines 9-15). Note that in 
the reference, any type of network element could be included; the clients can 
be servers to another system. 

Although the system disclosed by Sidey and Hansen shows substantial features of the 
claimed invention, it fails to disclose including setup information that includes an access 
privilege of the server. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen. 

A person having ordinary skill in the art would have readily recognized the desirability 
and advantages of modifying Sidey and Hansen by employing the inclusion of access policy for 
a managed server. Servers are just another network element to be managed, and security is 
probably the most important aspect of server management. This would be a natural addition of 
setup information that would be a necessity for all servers to be confirmed for consistency and 
automatically configured. 
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16. Regarding claim 15, Sidey and Hansen teach all the limitation as applied to claim 10. 
Sidey further teach means wherein: 

a. Each of the network devices is a computer executing a network application 
periodically exchanging data (column 4, lines 12-15). Note that in the 
reference, one of the specifically mentioned network elements is a router. 
Routers are network elements that exchange data. 

b. Wherein each of the plurality of pieces of setup information includes setup 
information related to the network application (column 9, lines 20-40). 

17. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hansen (USPN 
5,838,907) and Sidey as applied to claim 1 above, and further in view of Crichton et al. 

18. Regarding claim 3, although the system disclosed by Sidey and Hansen (as applied to 
claim 1) shows substantial features of the claimed invention, it fails to disclose means wherein 
each of the plurality of pieces of setup information includes tunneling setup information. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen, as evidenced by Crichton et al. 

In an analogous art, Crichton et al. discloses a system for the setup of communications 
between machines behind disparate firewalls. The system includes each of the plurality of pieces 
of setup information includes tunneling setup information (column 4, lines 20-34). 

Given the teaching of Crichton et al., a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey and Hansen by employing 
tunneling setup information in the standard setup information. Firewalls are a common network 
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element that must be setup in any configuration operation. Setting them up for tunneling allows 
for greater ease of communication between machines on both sides of the firewall. 

19. Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over Sidey (USPN 
5,954,797) and Hansen (USPN 5,838,907) as applied to claim 10 above, and further in view of 
Crichton et al. 

20. Regarding claim 12, although the system disclosed by Sidey and Hansen (as applied to 
claim 10) shows substantial features of the claimed invention, it fails to disclose means wherein 
each of the plurality of pieces of setup information includes tunneling setup information. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen, as evidenced by Crichton et al. 

In an analogous art, Crichton et al. discloses a system for the setup of communications 
between machines behind disparate firewalls. The system includes each of the plurality of pieces 
of setup information includes tunneling setup information (column 4, lines 20-34). 

Given the teaching of Crichton et al, a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey and Hansen by employing 
tunneling setup information in the standard setup information. Firewalls are a common network 
element that must be setup in any configuration operation. Setting them up for tunneling allows 
for greater ease of communication between machines on both sides of the firewall. 

21. Claims 4 and 7 are rejected under 35 U.S.C. 103(a) as being unpatentable over Hansen 
(USPN 5,838,907) and Sidey (USPN 5,954,797) as applied to claim 1 above, and further in view 
of Antur et al. 
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22. Regarding claim 4, although the system disclosed by Hansen (USPN 5,838,907) and 
Sidey (USPN 5,954,797) (as applied to claim 1) shows substantial features of the claimed 
invention, it fails to disclose means wherein: 

a. The network device is a firewall 

b. Each of the plurality of pieces of setup information includes setup information 
related to access control for the firewall. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Hansen (USPN 5,838,907) and Sidey (USPN 
5,954,797), as evidenced by Antur et al.. 

In an analogous art, Antur et al. disclose a system for configuration (setup) wherein: 

a. The network device is a firewall (figure 2; column 6, lines 50-55). 

b. Each of the plurality of pieces of setup information includes setup information 
related to access control for the firewall (column 6, lines 50-55). 

Given the teaching of Antur et al., a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Hansen (USPN 5,838,907) and 
Sidey (USPN 5,954,797) by employing the use of setup information for firewalls. Firewalls 
require a large amount of setup information and must be commonly administered by a small 
number of personnel. 

23. Regarding claim 7, Hansen (USPN 5,838,907) and Sidey (USPN 5,954,797) teach all the 
limitations as applied to claim 1 . Sidey further teach means wherein: 
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a. The management server includes means for distributing routing means for 
routing settings from setup information for the firewall (column 4, lines 12- 
15). Note that router information can be included in the setup information. 

b. Distributed routing means (to firewalls or other network devices) include 
means for setting up the setup information in the network device (column 9, 
lines 20-40). 

Although the system disclosed by Hansen (USPN 5,838,907) and Sidey (USPN 
5,954,797) (as applied to claim 1) shows substantial features of the claimed invention, it fails to 
disclose: 

a. A firewall is disposed between the management server and each of the 
network devices. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen, as evidenced by Antur et al.. 

In an analogous art, Antur et al. disclose a system for firewall configuration (setup) 
wherein: 

a. A firewall is disposed between the management server and each of the 
network devices (figure 2). Note that the act of configuring the firewall 
fulfills this requirement. The reference also teaches configuration of other 
security devices inside and outside the firewall. 
Given the teaching of Antur et al., a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Hansen (USPN 5,838,907) and 
Sidey (USPN 5,954,797) by including routing information for further setup of network devices 
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on the other side of the configured firewall. This allows for a management server at a remote 
location (possibly a third party) to operate outside the firewall and provide configuration to a 
router without physical access. 

24. Claims 13 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Sidey 
(USPN 5,954,797) and Hansen (USPN 5,838,907) as applied to claim 10 above, and further in 
view of Antur et al. 

25. Regarding claim 13, although the system disclosed by Sidey and Hansen (as applied to 
claim 10) shows substantial features of the claimed invention, it fails to disclose means wherein: 

a. The network device is a firewall 

b. Each of the plurality of pieces of setup information includes setup information 
related to access control for the firewall. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen, as evidenced by Antur et al.. 

In an analogous art, Antur et al. disclose a system for configuration (setup) wherein: 

a. Each of the network devices is a firewall (figure 2; column 6, lines 50-55). 
The system could only apply to firewalls. 

b. Each of the plurality of pieces of setup information includes setup information 
related to access control for the firewall (column 6, lines 50-55). 

Given the teaching of Antur et al, a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey and Hansen by employing 
the use of setup information for firewalls. Firewalls require a large amount of setup information 
and must be commonly administered by a small number of personnel. 




Application/Control Number: 09/3 1 4,629 Page 1 5 

Art Unit: 2153 

26. Regarding claim 16, Sidey and Hansen teach all the limitations as applied to claim 10. 
Sidey further teach means wherein: 

a. The management server includes means for distributing routing means for 
routing settings from setup information for the firewall (column 4, lines 12- 
15). Note that router information can be included in the setup information. 

b. Distributed routing means (to firewalls or other network devices) include 
means for setting up the setup information in the network device (column 9, 
lines 20-40). 

Although the system disclosed by Sidey and Hansen (as applied to claim 1) shows 
substantial features of the claimed invention, it fails to disclose: 

a. A firewall is disposed between the management server and each of the 
network devices. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen, as evidenced by Antur et al.. 

In an analogous art, Antur et al. disclose a system for firewall configuration (setup) 
wherein: 

a. A firewall is disposed between the management server and each of the 
network devices (figure 2). Note that the act of configuring the firewall 
fulfills this requirement. The reference also teaches configuration of other 
security devices inside and outside the firewall. 
Given the teaching of Antur et al., a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey and Hansen by including 
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routing information for further setup of network devices on the other side of the configured 
firewall. This benefits the system by allowing a management server at a remote location 
(possibly a third party) to operate outside the firewall and provide configuration without physical 
access. 

27. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hansen (USPN 
5,838,907) and Sidey (USPN 5,954,797) as applied to claim 1, and further in view of Reid et al. 

28. Regarding claim 8, although the system disclosed by Hansen (USPN 5,838,907) and 
Sidey (as applied to claim 1) shows substantial features of the claimed invention, it fails to 
disclose means wherein the management server and the routing means include means for 
performing mutual authentication and means for encrypting data. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen as evidenced by Reid et al.. 

In an analogous art, Reid et al. discloses a system for firewall configuration including 
means wherein a the management server and the routing means include means for performing 
mutual authentication and means for encrypting data (column 3, lines 1-7; column 5, lines 51- 
57). Note that the purpose of the firewall includes authentication and encryption between clients 
and servers on opposite sides of the firewall. 

Given the teaching of Reid et al., a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey and Hansen by employing 
the inclusion of authentication and encryption instructions in the setup information to the 
firewall. These are common functions of a firewall and must be included in any setup 
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information. Including them in the automatic setup benefits the system by allowing for 
guaranteed consistency of this security policy. 

29. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over Sidey (USPN 
5,954,797) and Hansen as applied to claim 10, and further in view of Reid et al. 

30. Regarding claim 1 7, although the system disclosed by Sidey and Hansen (as applied to 
claim 10) shows substantial features of the claimed invention, it fails to disclose means wherein 
the management server and the routing means include means for performing mutual 
authentication and means for encrypting data. 

Nonetheless, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Sidey and Hansen as evidenced by Reid et al.. 

In an analogous art, Reid et al. discloses a system for firewall configuration including 
means wherein a the management server and the routing means include means for performing 
mutual authentication and means for encrypting data (column 3, lines 1-7; column 5, lines 51- 
57). Note that the purpose of the firewall includes authentication and encryption between clients 
and servers on opposite sides of the firewall. 

Given the teaching of Reid et al., a person having ordinary skill in the art would have 
readily recognized the desirability and advantages of modifying Sidey and Hansen by employing 
the inclusion of authentication and encryption instructions in the setup information to the 
firewall. These are common functions of a firewall and must be included in any setup 
information. Including them in the automatic setup benefits the system by allowing for 
guaranteed consistency of this security policy. 
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Conclusion 



3 1 . Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kevin Parton whose telephone number is (703)306-0543. The 
examiner can normally be reached on M-F 8:00AM - 4:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glenton Burgess can be reached on (703)305-4792. The fax phone numbers for the 
organization where this application or proceeding is assigned are (703)746-9242 for regular 
communications and (703)746-7238 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703)305-3900. 
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